1263320Sdim/* Stack protector support. 2263320Sdim Copyright (C) 2005-2020 Free Software Foundation, Inc. 3263320Sdim 4263320SdimThis file is part of GCC. 5269012Semaste 6263320SdimGCC is free software; you can redistribute it and/or modify it under 7263320Sdimthe terms of the GNU General Public License as published by the Free 8263320SdimSoftware Foundation; either version 3, or (at your option) any later 9263320Sdimversion. 10263320Sdim 11263320SdimIn addition to the permissions in the GNU General Public License, the 12263320SdimFree Software Foundation gives you unlimited permission to link the 13263320Sdimcompiled version of this file into combinations with other programs, 14263320Sdimand to distribute those combinations without any restriction coming 15263320Sdimfrom the use of this file. (The General Public License restrictions 16263320Sdimdo apply in other respects; for example, they cover modification of 17263320Sdimthe file, and distribution when not linked into a combine 18263320Sdimexecutable.) 19263320Sdim 20263320SdimGCC is distributed in the hope that it will be useful, but WITHOUT ANY 21263320SdimWARRANTY; without even the implied warranty of MERCHANTABILITY or 22263320SdimFITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 23263320Sdimfor more details. 24263320Sdim 25263320SdimUnder Section 7 of GPL version 3, you are granted additional 26263320Sdimpermissions described in the GCC Runtime Library Exception, version 27263320Sdim3.1, as published by the Free Software Foundation. 28263320Sdim 29263320SdimYou should have received a copy of the GNU General Public License and 30263320Sdima copy of the GCC Runtime Library Exception along with this program; 31263320Sdimsee the files COPYING3 and COPYING.RUNTIME respectively. If not, see 32263320Sdim<http://www.gnu.org/licenses/>. */ 33263320Sdim 34 35#include "config.h" 36#ifdef HAVE_ALLOCA_H 37# include <alloca.h> 38#endif 39#ifdef HAVE_MALLOC_H 40# include <malloc.h> 41#endif 42#ifdef HAVE_STRING_H 43# include <string.h> 44#endif 45#ifdef HAVE_UNISTD_H 46# include <unistd.h> 47#endif 48#ifdef HAVE_FCNTL_H 49# include <fcntl.h> 50#endif 51#ifdef HAVE_PATHS_H 52# include <paths.h> 53#endif 54#ifndef _PATH_TTY 55/* Native win32 apps don't know about /dev/tty but can print directly 56 to the console using "CONOUT$" */ 57#if defined (_WIN32) && !defined (__CYGWIN__) 58#include <windows.h> 59#include <wincrypt.h> 60# define _PATH_TTY "CONOUT$" 61#else 62# define _PATH_TTY "/dev/tty" 63#endif 64#endif 65#ifdef HAVE_SYSLOG_H 66# include <syslog.h> 67#endif 68 69void *__stack_chk_guard = 0; 70 71static void __attribute__ ((constructor)) 72__guard_setup (void) 73{ 74 unsigned char *p; 75 76 if (__stack_chk_guard != 0) 77 return; 78 79#if defined (_WIN32) && !defined (__CYGWIN__) 80 HCRYPTPROV hprovider = 0; 81 if (CryptAcquireContext(&hprovider, NULL, NULL, PROV_RSA_FULL, 82 CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) 83 { 84 if (CryptGenRandom(hprovider, sizeof (__stack_chk_guard), 85 (BYTE *)&__stack_chk_guard) && __stack_chk_guard != 0) 86 { 87 CryptReleaseContext(hprovider, 0); 88 return; 89 } 90 CryptReleaseContext(hprovider, 0); 91 } 92#else 93 int fd = open ("/dev/urandom", O_RDONLY); 94 if (fd != -1) 95 { 96 ssize_t size = read (fd, &__stack_chk_guard, 97 sizeof (__stack_chk_guard)); 98 close (fd); 99 if (size == sizeof(__stack_chk_guard) && __stack_chk_guard != 0) 100 return; 101 } 102 103#endif 104 /* If a random generator can't be used, the protector switches the guard 105 to the "terminator canary". */ 106 p = (unsigned char *) &__stack_chk_guard; 107 p[sizeof(__stack_chk_guard)-1] = 255; 108 p[sizeof(__stack_chk_guard)-2] = '\n'; 109 p[0] = 0; 110} 111 112static void 113fail (const char *msg1, size_t msg1len, const char *msg3) 114{ 115#ifdef __GNU_LIBRARY__ 116 extern char * __progname; 117#else 118 static const char __progname[] = ""; 119#endif 120 int fd; 121 122 /* Print error message directly to the tty. This avoids Bad Things 123 happening if stderr is redirected. */ 124 fd = open (_PATH_TTY, O_WRONLY); 125 if (fd != -1) 126 { 127 static const char msg2[] = " terminated\n"; 128 size_t progname_len, len; 129 char *buf, *p; 130 131 progname_len = strlen (__progname); 132 len = msg1len + progname_len + sizeof(msg2)-1 + 1; 133 p = buf = alloca (len); 134 135 memcpy (p, msg1, msg1len); 136 p += msg1len; 137 memcpy (p, __progname, progname_len); 138 p += progname_len; 139 memcpy (p, msg2, sizeof(msg2)); 140 141 while (len > 0) 142 { 143 ssize_t wrote = write (fd, buf, len); 144 if (wrote < 0) 145 break; 146 buf += wrote; 147 len -= wrote; 148 } 149 close (fd); 150 } 151 152#ifdef HAVE_SYSLOG_H 153 /* Only send the error to syslog if there was no tty available. */ 154 else 155 syslog (LOG_CRIT, "%s", msg3); 156#endif /* HAVE_SYSLOG_H */ 157 158 /* Try very hard to exit. Note that signals may be blocked preventing 159 the first two options from working. The use of volatile is here to 160 prevent optimizers from "knowing" that __builtin_trap is called first, 161 and that it doesn't return, and so "obviously" the rest of the code 162 is dead. */ 163 { 164 volatile int state; 165 for (state = 0; ; state++) 166 switch (state) 167 { 168 case 0: 169 __builtin_trap (); 170 break; 171 case 1: 172 *(volatile int *)-1L = 0; 173 break; 174 case 2: 175 _exit (127); 176 break; 177 } 178 } 179} 180 181void 182__stack_chk_fail (void) 183{ 184 const char *msg = "*** stack smashing detected ***: "; 185 fail (msg, strlen (msg), "stack smashing detected: terminated"); 186} 187 188void 189__chk_fail (void) 190{ 191 const char *msg = "*** buffer overflow detected ***: "; 192 fail (msg, strlen (msg), "buffer overflow detected: terminated"); 193} 194 195#ifdef HAVE_HIDDEN_VISIBILITY 196void 197__attribute__((visibility ("hidden"))) 198__stack_chk_fail_local (void) 199{ 200 __stack_chk_fail (); 201} 202#endif 203